X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fredir.php;h=ab4f3220cd7d1a1ace36ece544828db9ab96d0a6;hb=4976b1c1536191426e9bd0fc21d7aa327b15be57;hp=7a4403613197405ab1c3f6fe18692c90d7c5c477;hpb=4990f64927e2ddd65e1a1f4b1ef85fec12fb98a9;p=friendica.git diff --git a/include/redir.php b/include/redir.php index 7a44036131..ab4f3220cd 100644 --- a/include/redir.php +++ b/include/redir.php @@ -2,6 +2,11 @@ function auto_redir(&$a, $contact_nick) { + // prevent looping + + if(x($_REQUEST,'redir') && intval($_REQUEST['redir'])) + return; + if((! $contact_nick) || ($contact_nick === $a->user['nickname'])) return; @@ -12,28 +17,35 @@ function auto_redir(&$a, $contact_nick) { // same nickname as me on other hubs or other networks. Exclude these by requiring // that the contact have a local URL. I will be the only person with my nickname at // this URL, so if a result is found, then I am a contact of the $contact_nick user. + // + // We also have to make sure that I'm a legitimate contact--I'm not blocked or pending. $baseurl = $a->get_baseurl(); $domain_st = strpos($baseurl, "://"); if($domain_st === false) return; $baseurl = substr($baseurl, $domain_st + 3); + $nurl = normalise_link($baseurl); + $r = q("SELECT id FROM contact WHERE uid = ( SELECT uid FROM user WHERE nickname = '%s' LIMIT 1 ) - AND nick = '%s' AND self = 0 AND url LIKE '%%%s%%' LIMIT 1", + AND nick = '%s' AND self = 0 AND ( url LIKE '%%%s%%' or nurl LIKE '%%%s%%' ) AND blocked = 0 AND pending = 0 LIMIT 1", dbesc($contact_nick), dbesc($a->user['nickname']), - dbesc($baseurl) + dbesc($baseurl), + dbesc($nurl) ); if((!$r) || (! count($r)) || $r[0]['id'] == remote_user()) return; - $r = q("SELECT * FROM contact WHERE nick = '%s' AND network = '%s' AND uid = %d LIMIT 1", + $r = q("SELECT * FROM contact WHERE nick = '%s' + AND network = '%s' AND uid = %d AND url LIKE '%%%s%%' LIMIT 1", dbesc($contact_nick), dbesc(NETWORK_DFRN), - intval(local_user()) + intval(local_user()), + dbesc($baseurl) ); if(! ($r && count($r))) @@ -52,6 +64,12 @@ function auto_redir(&$a, $contact_nick) { $dfrn_id = '0:' . $orig_id; } + // ensure that we've got a valid ID. There may be some edge cases with forums and non-duplex mode + // that may have triggered some of the "went to {profile/intro} and got an RSS feed" issues + + if(strlen($dfrn_id) < 3) + return; + $sec = random_string(); q("INSERT INTO `profile_check` ( `uid`, `cid`, `dfrn_id`, `sec`, `expire`)